SEOUL — South Korea suspects a North Korean team may be behind the recent hacking of cryptocurrency exchange Upbit that led to the unauthorized withdrawal of 44.5 billion won ($30.4 million) in cryptocurrencies, the Yonhap News Agency reported on Friday.
South Korean authorities are inspecting Upbit’s systems and suspect a group of hackers affiliated with North Korea’s spy agency, known as the Lazarus Group, were involved in what the exchange called “an abnormal withdrawal,” Yonhap said.
The Lazarus Group has been blamed for a number of crypto heists in recent years, with the US Federal Bureau of Investigation citing North Korea’s cyber operations as “one of the most advanced persistent threats.”
Thursday’s hack at Upbit had the signature of the heist of 58 billion won in cryptocurrencies in 2019 that was linked to Lazarus, Yonhap cited an unnamed government official as saying.
An official at South Korea’s National Police Agency team investigating cyber crimes said an investigation has been launched into the case, but declined further comment.
The National Intelligence Service could not be reached for comment.
An official at Dunamu, the operator of Upbit, said: “We are currently investigating the cause and scale of the asset outflow.”
The attack occurred hours before South Korean internet giant Naver acquired Dunamu.
Upbit is the country’s largest cryptocurrency exchange.